Interested to Buy Any Domain ? << Click Here >> for more details...
Change control procedures to prevent scope creep during an
application development project should be defined during:
A. design.
B. feasibility.
C. implementation.
D. requirements definition.
- 2 Answers
- 6547 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
The change control procedures are generally common for
applications within one organization; however, the
application-specific change control procedures are to be
defined during the design phase of SDLC and should be based
on the modules in the software. The other choices are
incorrect. It is too early to define change control
procedures during the feasibility phase, and it would also
be too late during the implementation phase and after the
implementation of software.
| Is This Answer Correct ? | 5 Yes | 2 No |
In planning a software development project, which of the following is the MOST difficult to determine? A. Project slack times B. The project's critical path C. Time and resource requirements for individual tasks D. Relationships that preclude the start of an activity before others are complete
Which of the following is a concern when data is transmitted through secure socket layer (SSL) encryption implemented on a trading partner's server? A. Organization does not have control over encryption. B. Messages are subjected to wire tapping. C. Data might not reach the intended recipient. D. The communication may not be secure.
A distinction that can be made between compliance testing and substantive testing is that compliance testing tests: A. details, while substantive testing tests procedures. B. controls, while substantive testing tests details. C. plans, while substantive testing tests procedures. D. for regulatory requirements, while substantive testing tests validations.
Which of the following is a network architecture configuration that links each station directly to a main hub? A. Bus B. Ring C. Star D. Completed connected
Classification of information systems is essential in business continuity planning. Which of the following system types can not be replaced by manual methods? A. Critical system B. Vital system C. Sensitive system D. Non-critical system
Which of the following techniques or tools would assist an IS auditor when performing a statistical sampling of financial transactions maintained in a financial management information system? A. Spreadsheets B. Parallel simulation C. Generalized audit software D. Regression testing
The most common problem in the operation of an intrusion detection system (IDS) is: A. the detection of false positives. B. receiving trap messages. C. reject error rates. D. denial-of-service attacks.
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.
The review of router access control lists should be conducted during a/an: A. environmental review. B. network security review. C. business continuity review. D. data integrity review.
A vendor/contractor?s performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor?s management.
After implementation of a disaster recovery plan (DRP), pre-disaster and post-disaster operational cost for an organization will: A. decrease. B. not change (remain the same). C. increase. D. increase or decrease depending upon nature of the business.
Cisco Certifications 
